Pairing merchant point of sale with payment reader terminal via server application programming interface

ABSTRACT

A merchant uses a merchant point of sale (POS) device to identify items or services for purchase by a customer, and costs for each. One or more payment amounts are sent from the merchant POS device to a checkout server using an application programming interface (API), which the checkout server sends on to an authorized payment terminal device that then reads payment information from a payment object and sends the payment information back to the checkout server. The checkout server processes the transaction and confirms transaction completion to the merchant POS device and payment terminal device.

BACKGROUND

Payment cards, such as credit cards and debit cards, are often used bycustomers during transactions with merchants. Merchants can read paymentinformation from payment cards using payment card reader terminals, forexample via magnetic stripe readers or Europay/Mastercard/Visa (EMV)chip readers in the payment card reader terminals. Payment card readerterminals read payment card information from the payment card and sendthat payment card information to a server associated with a financialentity, such as a bank or credit card institution, in order to processthe transaction by transferring funds from a customer account to amerchant account.

Merchant point of sale (POS) devices are systems that are used bymerchants to enter items or services requested by a customer, retrieveprices for each item or service, calculate a total, and in some casesprepare a receipt or invoice to be printed and given to the customerbefore or after payment processing. Merchant POS systems can becustomized for different industries. For example, some merchant POSsystems are connected to bar code scanners that can scan bar codesattached to various items sold at the stores, so that items selected forpurchase by the customer can quickly be identified to the merchant POSdevice.

A merchant POS and a payment terminal may sometimes be co-located in asingle device. In some cases, however, a merchant may need to use aparticular merchant POS device that is specially designed for themerchant's needs. A merchant may also wish to offload receipt ofcustomer personal data to a separate payment terminal device to reducethe risk of loss of that customer personal data in a data breach. Thebenefits of using separate a merchant POS device and a separate paymentcard reader terminal thus include granting the merchant freedom tocustomize their merchant POS device without compromising paymentsecurity and functionality.

There is a need for a system that enables intuitive, efficient, andsecure pairing and collaboration between a merchant POS device and apayment card reader terminal.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 illustrates a system architecture including a merchant point ofsale (POS) device, a payment reader terminal, a checkout service server,and a financial entity server.

FIG. 2 is a swim lane diagram illustrating a merchant point of sale(POS) device, a payment reader terminal, and a checkout servicecooperating to process a transaction between a customer and a merchant.

FIG. 3 is a swim lane diagram illustrating authorized pairing of amerchant point of sale (POS) device and a payment reader terminal via acheckout service.

FIG. 4 is a swim lane diagram illustrating interactive customizedmessaging at the payment reader terminal.

FIG. 5 is an architecture diagram of a payment reader terminal device.

FIG. 6 illustrates a system architecture including a web-based point ofsale (POS) device and mobile device that collaborate to perform acardless transaction.

FIG. 7 is a block diagram of an exemplary computing device that may beused to implement some aspects of the technology.

DETAILED DESCRIPTION

A merchant uses a merchant point of sale (POS) device to identify itemsor services for purchase by a customer, and costs for each. One or morepayment amounts are sent from the merchant POS device to a checkoutserver using an application programming interface (API), which thecheckout server sends on to an authorized payment terminal device thatthen reads payment information from a payment object and sends thepayment information back to the checkout server. The checkout serverprocesses the transaction and confirms transaction completion to themerchant POS device and payment terminal device.

FIG. 1 illustrates a system architecture including a merchant point ofsale (POS) device, a payment reader terminal, a checkout service server,and a financial entity server.

Payment instruments, also referred to as payment objects, transactioninstruments, or transaction objects, may include payment cards ortransaction cards such as credit cards, debit cards, gift cards, ortransit cards. Payment instruments may also include payment devices ortransaction devices, such as cellular phones, wearable devices,smartphones, tablet devices, laptops, media players, portable gamingconsoles, and other computing devices 700 as discussed with respect toFIG. 7. Payment instruments may store payment instrument information(which may be referred to as payment object information, payment cardinformation, payment device information, payment information,transaction object information, transaction card information,transaction device information, or transaction information), for exampleencoded along a magnetic stripe on the payment instrument, stored on anintegrated circuit (IC) chip such as a Europay/Mastercard/Visa (EMV)chip, or stored in a non-transitory computer-readable storage mediumelectrically coupled to one or more active and/or passive near fieldcommunication (NFC) transceivers of the payment instrument.

The payment reader terminal device 125 of FIG. 1 includes hardware forreading payment instrument information from a one or more types ofpayment instrument. In particular, the payment reader terminal device125 of FIG. 1 is illustrated with a slot on the right-hand side with amagnetic stripe reader. A payment card can be swiped through the slot,allowing the magnetic stripe reader of the payment reader terminaldevice 125 to read the payment instrument information from a magneticstripe of the payment card. The payment reader terminal device 125 ofFIG. 1 is also illustrated with a slot at the anterior end with anintegrated circuit (IC) chip reader, such as a Europay/Mastercard/Visa(EMV) chip reader. One end of a payment card can be inserted into theslot, allowing the IC chip reader to read the payment instrumentinformation from an IC chip of the payment card, which may be an EMVchip of the payment card. The payment reader terminal device 125 of FIG.1 also includes one or more active and/or passive near fieldcommunication (NFC) transceivers. A NFC-capable payment instrument canbe placed adjacent to the one or more NFC transceivers of the paymentreader terminal device 125, allowing the one or more active and/orpassive NFC transceivers of the payment card terminal to read thepayment instrument information from one or more active and/or passiveNFC transceivers of the payment instrument. NFC-capable payment cardsmay include passive NFC transceivers, but may in some cases instead oradditionally include active NFC transceivers. NFC-capable paymentdevices may include active NFC transceivers, but may in some casesinstead or additionally include passive NFC transceivers.

The payment reader terminal device 125 of FIG. 1 also includes a displayscreen, which may include any type of display system 770 illustrated inand discussed with respect to FIG. 7. The payment reader terminal device125 may render various messages or interfaces that for display on thedisplay screen, such as messages with payment instructions instructingcustomers or merchants to swipe a payment card through a magnetic stripereader slot of the payment reader terminal device 125, insert a paymentcard into an IC reader slot of the payment reader terminal device 125,or tap a NFC-capable payment instrument adjacent to one or more NFCtransceivers of the payment reader terminal device 125. The paymentreader terminal device 125 may in some cases render a keypad or keyboardfor display on the display screen, so that the customer may enter apersonal identification number (PIN), a password, a phone number, amember number, an email address, a signature, or some other customeridentifier code via a touch-sensitive interface of the display screen.As discussed with respect to FIG. 4, the display screen may also receiveadditional messages from the checkout service 110, which may for exampleinclude advertisements or offers for additional items or services topurchase from the merchant, or coupons or discounts that may be applied,and which may be rendered by the payment reader terminal device 125 anddisplayed by its display screen until the payment reader terminal device125 receives an order for a transaction to process, which may simplyinclude a payment amount to charge the customer as discussed withrespect to FIG. 2.

A merchant point of sale (POS) device 120 is also illustrated in FIG. 1.The merchant POS device 120 is a system that is used by a merchant toidentify one or more purchases from the merchant by a customer (i.e.,one or more items or services requested for purchase from the merchantby a customer), retrieve prices for each identified item or service,calculate a total, and in some cases prepare a receipt or invoice to beprinted and given to the customer before or after payment processing. Insome cases, the items or services may be identified by selecting an iconor text box corresponding to the item or service via an input device ofthe merchant point of sale (POS) device 120, such as a touch-sensitivesurface of a touchscreen, a keypad, a keyboard, a mouse or trackpadcontrolling a mouse cursor, any other input device. In some cases, theitems or services may be identified using a bar code scanner incommunication with the merchant POS device 120, the merchant using thebar code scanner to scan bar codes affixed to the items, packagingassociated with the items, tickets or vouchers associated with theservices, or some combination thereof. In some cases, an amount orquantity of one or more of the items may be determined based on weightas determined by a scale in communication with the merchant POS device120, the merchant using the scale to weigh the items (e.g., fruits,vegetables, grains, meats, or other consumables). In some cases, themerchant POS device 120 may handle appointments or reservations forservices such as restaurant meals or doctor's appointments. The hardwareand/or software of merchant POS devices 120 and used with merchant POSdevices 120 may be customized differently for different industries. Themerchant POS device 120 of FIG. 1 is illustrated as a touchscreen deviceshowing an item or service identified “AAA” costing $20.00 as a firstpurchase and an item or service identified “BBB” costing $12.99 as asecond purchase, the first purchase and second purchase summed up by themerchant POS devices 120 to a total payment amount of $32.99.

The merchant POS device 120 and the payment reader terminal device 125of FIG. 1 are both located at a merchant location 105, but are notdirectly connected to one another through any wired means nor throughany wireless means, though in some cases they may be connected to thesame Wi-Fi network, other WLAN network, or cellular phone network.Instead, the merchant POS device 120 and payment reader terminal device125 are both connected through network connections to one or morecheckout service servers 130 of the checkout service 110. In particular,the network connection(s) between the merchant POS device 120 and theone or more checkout service servers 130 are illustrated via arrow lines140 and 145 in FIG. 1, while the network connection(s) between thepayment reader terminal device 125 and the one or more checkout serviceservers 130 are illustrated via arrow lines 150 and 155 in FIG. 1. Theone or more checkout service servers 130 may connect via networkconnection(s) to one or more financial entity servers 135 associatedwith one or more financial entities 115, which may be banks, credit cardinstitutions, or other financial institutions, the network connection(s)illustrated via arrow lines 160 and 165 in FIG. 1. In some cases, themerchant POS device 120 and payment reader terminal device 125 may beconnected in a wired or wireless manner, but not for the transfer ofpayment data or data related to the transaction (e.g., instead to sharea power supply or to transfer other non-sensitive information).

The checkout service 110 may include an application programminginterface (API) 170 through which the merchant POS device 120 and/or thepayment reader terminal device 125 may communicate with the one or morecheckout service servers 130. That is, the one or more checkout serviceservers 130 store include instructions that, when executed by one ormore processors of the one or more checkout service servers 130, allowor cause the processors to interpret information sent to the one or morecheckout service servers 130 from the merchant POS device 120 and/or thepayment reader terminal device 125 when the information is generated bycalling or invoking one or more functions of the API that in some casesformat the information according to a format dictated by the API.Execution of the instructions by the one or more processors of the oneor more checkout service servers 130 may further allow or cause theprocessors to format information according to the format dictated by theAPI before sending the information from the one or more checkout serviceservers 130 to the merchant POS device 120 and/or the payment readerterminal device 125. The information (in either direction) may include,for example, GET or HEAD actions requesting data, PUT or POST or PATCHactions creating and/or updating and/or overwriting and/or modifyingand/or sending data, DELETE actions deleting data, CONNECT actionsestablishing connections between two or more devices, OPTIONS actionsrequesting data about available communication options, TRACE actionsrequesting a response, other HTTP methods, or some combination thereof.In some cases, the information (in either direction) may include, forexample, payment requests, requests for further information, databasequeries, database query results, instructions or commands, paymentinstrument information, a payment amount update or modification, atransaction update or modification, a transaction cancellation, amerchant POS device identifier, a payment reader terminal deviceidentifier, another device identifier, other messages or types ofinformation, or some combination thereof. In some cases, the API may bea Representation State Transfer (RESTful) API. In some cases, the formatdictated by the API may be that of an HTTP request or a HTTP response.

One example of the communications 140, 145, 150, 155, 160, and 165 isgiven below. In this example, the arrow line 140 represents the merchantPOS device 120 sending a payment amount and a merchant POS deviceidentifier (ID) to the checkout service 110 (i.e., to the one or morecheckout service servers 130), optionally by calling the API 170 fromthe merchant POS device 120. The arrow line 150 represents the paymentreader terminal device 125 sending a payment terminal device identifier(ID) to the checkout service 110, optionally by calling the API 170 fromthe payment reader terminal device 125. The arrow line 150 may alsorepresent the payment reader terminal device 125 querying or polling thecheckout service 110 as to the existence of any transactions or orderspending processing. The arrow line 155 may represent the checkoutservice 110 sending the payment amount to the payment reader terminaldevice 125, optionally along with a request to the payment readerterminal device 125 to initiate reading of payment instrumentinformation, optionally calling the API 170 from the checkout service110. The arrow line 150 may then represent the payment reader terminaldevice 125 sending the payment instrument information (optionallyencrypted at the payment reader terminal device 125) to the checkoutservice 110 after the payment reader terminal device 125 reads thepayment instrument, optionally by calling the API 170 from the paymentreader terminal device 125.

The arrow line 160 represents the checkout service 110 sending at leastthe payment instrument information and the payment amount (andoptionally information identifying the customer, an account associatedwith the customer, the merchant, an account associated with themerchant, or a unique identifier associated with any of these) to theone or more financial entity servers 135 associated with the one or morefinancial entities 115. Based on the information that the financialentity servers 135 receive from arrow 160, the one or more financialentity servers 135 associated with the financial entities 115 identifyan account associated with the customer, such as the customer's personalbank account, an account of an organization that the customer belongsto, or a credit account associated with the customer's credit card or acredit card of an organization that the customer belongs to. The one ormore financial entity servers 135 associated with the financial entities115 identify an account associated with the merchant, and process atransfer of funds in an amount equivalent to at least the payment amount(optionally also including one or more added tips, taxes, and/or fees)from the identified account associated with the customer to theidentified account associated with the merchant. The arrow line 165represents the one or more financial entity servers 135 associated withthe financial entities 115 confirming to the checkout service 110whether the transfer was successful, meaning the transaction wassuccessfully processed, or unsuccessful, meaning the transactionprocessing was unsuccessful.

The arrow line 145 represents the checkout service 110 confirmingwhether the transaction was successfully processed to the merchant POSdevice 120, optionally via the API 170. The arrow line 155 representsthe checkout service 110 confirming whether the transaction wassuccessfully processed to the payment reader terminal device 125,optionally via the API 170. Upon receiving the confirmations, themerchant POS device 120 and/or payment reader terminal device 125 mayreturn to “default” or “end of transaction” or “next transaction”screens or interfaces in which they are ready for a next transaction. Insome cases, the arrow line 145 or 155 may also include receipt datagenerated at the checkout service 110 and used by the merchant POSdevice 120 and/or the payment reader terminal device 125 to print apaper receipt using a printer of the merchant POS device 120 and/or thepayment reader terminal device 125. The receipt may alternately oradditionally be sent by the checkout service 110 (and/or by the merchantPOS device 120 and/or by the payment reader terminal device 125) to aphone number (via text message), email address, or messaging platformusername associated with the customer.

In some cases, the checkout service 110 and/or payment reader terminaldevice 125 may perform a cardless transaction. That is, the merchant POSdevice 120 may receive a customer identifier from the customer, forexample as entered by the merchant or the customer via a user interfaceof the merchant POS device 120. The customer identifier (customer ID)may be, for example, the customer's name, phone number, email address,mailing address, bank account number, credit account number, driver'slicense number, government-issued identification number, username,personal identification number (PIN), a unique code, some otheridentifier establishing the customer's identity, or some combinationthereof. The merchant POS device 120 may send the customer identifier,and optionally also a merchant identifier (merchant ID) similarlyestablishing the identity of the merchant, to the checkout service 110along arrow line 140 along with the payment amount. The checkout service110 may then query a database for the customer identifier to locate anaccount at the checkout service associated with the customer, query thedatabase for the merchant identifier to locate an account at thecheckout service associated with the merchant, and perform a transfer ofat least the payment amount from the account associated with thecustomer to the account associated with the merchant. In some cases, thecustomer identifier and/or the merchant identifier are sent by thecheckout service 110 to the payment reader terminal device 125 or to theone or more financial entity servers 135, so that the database queriesand transfer of at least the payment amount from the account associatedwith the customer to the account associated with the merchant can occurat the payment reader terminal device 125, the one or more checkoutservice servers 130, the one or more financial entity servers 135, orsome combination thereof. Confirmations upon completion of the transfermay then be sent to the payment reader terminal device 125 and/or to themerchant POS device 120 by the checkout service 110.

A merchant POS and a payment terminal may sometimes be co-located in asingle device. In some cases, however, a merchant may need to use aparticular merchant POS device that is specially designed for themerchant's needs, for example to connect to a particular inventorymanagement system, or to connect to specialized hardware such as a barcode scanner or a scale to measure weight of items being purchased. Amerchant may also wish to offload receipt of customer personal data to aseparate payment terminal device to reduce the risk of loss of thatcustomer personal data in a data breach. The benefits of using separatea merchant POS device and a separate payment card reader terminal thusinclude granting the merchant freedom to customize their merchant POSdevice without compromising payment security and functionality.

The merchant POS device 120, the payment reader terminal device 125, theone or more checkout service servers 130, and the one or more financialentity servers 135 may each include one or more computing devices 700,or may include at least a subset of the components of the computingdevice 700 that are illustrated in and/or discussed with respect to FIG.7.

In some cases, the merchant POS device 120 may be identified herein asthe merchant device or the POS device. In some cases, the payment readerterminal device may be referred to herein as the payment reader, thepayment card reader, the payment instrument reader, the payment objectreader, the payment reader terminal, the payment card reader terminal,the payment instrument reader terminal, the payment object readerterminal, the payment terminal, the payment terminal device, theterminal device, the payment object reader device, the payment readerdevice, the payment card reader device, the payment instrument readerdevice, the payment object reader device, any of the terms identifiedabove with the word “payment” substituted with the word “transaction,”or some combination thereof. In some cases, the one or more checkoutservice servers 130 may be referred to collectively herein as thecheckout service 110. In some cases, the one or more financial entityservice servers 130 may be referred to collectively herein as the one ormore financial entities 115 or as the one or more payment processingservices.

FIG. 2 is a swim lane diagram illustrating a merchant point of sale(POS) device, a payment reader terminal, and a checkout servicecooperating to process a transaction between a customer and a merchant.In particular, the operations 200 of FIG. 2 are illustrated as beingperformed by the merchant POS device 120, the payment reader terminaldevice 125, the checkout service server(s) 130, the financial entityserver(s) 135, or some combination thereof.

At step 205, the merchant POS device 120 sends a request to process apayment amount for a transaction between a customer and a merchant tothe checkout service, the payment amount corresponding to one or morepurchases by the customer from the merchant, the request formatted foran API 170 of the checkout service 110 and optionally including amerchant POS device identifier (merchant POS device ID). At step 210,the checkout service server(s) 130 receive the request to process thepayment amount from the merchant POS device 120, and optionally receivethe merchant identifier. In some cases, the merchant POS device 125 mayalso send a customer identifier identifying the customer and/or amerchant identifier identifying the merchant to the checkout service110, which the checkout service 110 may receive and optionally use toidentify the customer and/or the merchant, and/or send on to the one ormore financial entity servers 135 (e.g., at step 245) so that thefinancial entity servers 135 can use the customer identifier and/ormerchant identifiers to identify the customer and/or the merchant.

At step 215, the checkout service server(s) 130 identify a paymentreader terminal device 125 that is authorized to cooperate with themerchant POS device 120. In some cases, the checkout service server(s)130 performs this by querying a database using the merchant POSidentifier sent by the merchant POS device 120 at step 205 and receivedat the checkout service 110 at step 210, and retrieving a record fromthe database as an output of the query. The record from the database mayidentify the merchant POS identifier as well as one or more paymentreader terminal device identifiers that identify one or more paymentreader terminal devices that are authorized to cooperate with themerchant POS device 120 identified by the merchant POS identifier. Thepayment reader terminal device identifier that identifies the paymentreader terminal device 125 discussed in FIG. 2 in particular isidentified as authorized to cooperate with the merchant POS device 125based on the payment reader terminal device identifier being one of theone or more payment reader terminal device identifiers in the record.The record may be generated during step 350 of a pairing process 300discussed in FIG. 3.

At step 220, the checkout service server(s) 130 transmit the paymentamount from the checkout service to the payment reader terminal device125. At step 225, the payment reader terminal device 125 receives thepayment amount from the checkout service server(s) 130.

At step 230, the payment reader terminal device 125 reads paymentinstrument information from a payment instrument, for example from amagnetic stripe or an IC chip of a payment card, or from a NFCtransceiver of a NFC-capable payment instrument. At step 235, thepayment reader terminal device 125 transmits the payment cardinformation and optionally a payment reader terminal identifier to thecheckout service 110 formatted for the API 170 of the checkout service110. At step 240, the checkout service server(s) 130 receive the paymentcard information at the checkout service from the payment readerterminal device 125, optionally along with the payment reader terminalidentifier.

At step 245, the checkout service server(s) 130 trigger processing of atransfer of at least the payment amount from an account of the customerto an account of the merchant by transmitting at least the payment cardinformation and the payment amount from the checkout service tofinancial entity. In some cases, the checkout service server(s) 130 mayadd a tip, taxes, fees, and/or other additional amounts to the paymentamount if they have not already been added. In other cases, the tip,taxes, fees, and/or other additional amount may have been added to thepayment amount before step 245 at the merchant POS device 120 or at thepayment reader terminal device 125. At step 250, the financial entityserver(s) 135 receive the payment instrument information and the paymentamount from the checkout service 110. At step 252, the financial entityserver(s) 135 transfer at least the payment amount from an account ofthe customer to an account of the merchant 250.

In some cases, the payment instrument information is encrypted using anencryption key by the payment reader terminal device 125 after it isread at step 230 but before it is transmitted at step 235, and isdecrypted by the financial entity server(s) 135 using a correspondingencryption key. The encryption key stored at the payment reader terminaldevice 125 and the corresponding encryption key stored at the financialentity server(s) 135 may be the same encryption key, for example ifsymmetric encryption is used. The encryption key stored at the paymentreader terminal device 125 and the corresponding encryption key storedat the financial entity server(s) 135 may be different encryption keys,for example if asymmetric encryption is used. For example, if a publickey infrastructure (PKI) is used, one of the keys may be a private keywhile the other is a public key. The payment instrument information mayalso be hashed and/or tokenized at the payment reader terminal device125 and/or at the financial entity server(s) 135. Encryption algorithmsthat may be used may include, for example, Rivest-Shamir-Adleman (RSA)encryption, Secure Hash Algorithm (SHA), Elliptic Curve Cryptography(ECC), Diffie-Hellman, or some combination thereof.

At step 255, the financial entity server(s) 135 send a confirmation thatthe transfer has been completed successfully, and therefore that thetransaction has been processed successfully, to the checkout service110. At step 260, the checkout service server(s) 130 receive thisconfirmation that the transfer has been completed successfully, andtherefore that the transaction has been processed successfully, from thefinancial entity server(s) 135. At step 265, the checkout serviceserver(s) 130 send a confirmation that the transfer has been completedsuccessfully, and therefore that the transaction has been processedsuccessfully, to the merchant POS device 120 and/or to the paymentreader terminal device 125. At step 270, the merchant POS device 120and/or to the payment reader terminal device 125 receive theconfirmation that the transfer has been completed successfully, andtherefore that the transaction has been processed successfully, from thecheckout service server(s) 130. Upon receiving the confirmation, themerchant POS device 120 and/or to the payment reader terminal device 125can reset to a default mode in which the merchant POS device 120 and/orthe payment reader terminal device 125 can prepare for a nexttransaction.

In some cases, the checkout service server(s) 130 also generate areceipt at step 260, and the confirmation(s) sent at step 265 includereceipt data to be used by the merchant POS device 120 and/or thepayment reader terminal device 125 for printing, displaying, or sendingthe receipt. For example, the merchant POS device 120 and/or the paymentreader terminal device 125 may print out the receipt using a printer ofthe merchant POS device 120 and/or of the payment reader terminal device125. The merchant POS device 120 and/or the payment reader terminaldevice 125 may request input of a phone number or email address ormessenger platform username of the customer (unless the phone number oremail address or messenger platform username has already been receivedby the merchant POS device 120 and/or the payment reader terminal device125) and may send the receipt to the customer over text message or emailor messenger platform. The merchant POS device 120 and/or the paymentreader terminal device 125 may send the phone number or email address ormessenger platform username to the checkout service 110 (if it has notsent this information already, or if the checkout service 110 does nothave this information already such as from a previous transaction) sothat the checkout service 110 may send the receipt to the user over textmessage or email or messenger platform.

In some cases, the checkout service server(s) 130 may generate an“order” data structure based on the payment amount upon receipt of therequest at step 210. The order data structure may include, for example,the payment amount, the merchant identifier, and the customeridentifier. In some cases, the order may include a list of the one ormore purchases requested by the customer—that is, the one or more itemsand/or services that the customer is requesting to purchase—andoptionally prices for each of these. In some cases, the total paymentamount may be calculated by the service server(s) 130 rather than by themerchant POS device 120. Step 220 may in some cases include transmittingthe payment amount, but it may instead include transmitting the orderdata structure, or at least a subset of the information stored in theorder data structure. In some cases, thus, the checkout serviceserver(s) 130 send information identifying the one or more purchasesrequested by the user, and/or the prices associated with each, to thepayment reader terminal device 120 at step 220, and the total paymentamount may be calculated by the payment reader terminal device 120rather than by the checkout service server(s) 130 or by the merchant POSdevice 120. In some cases, an order may be updated or modified beforethe payment instrument is read, or even after the payment instrument isread but before the transaction is processed at the financial entityserver(s) 135. In such cases, the merchant POS device 120 or paymentreader terminal device 125 can send a request to the checkout servicesserver(s) 130 to update the order data structure, and the checkoutservices server(s) 130 can notify the merchant POS device 120 and/or thepayment reader terminal device 125 about the update or modification tothe order if necessary, can update the order data structure, can updatethe total payment amount if applicable, and can perform step 220 againby sending the updated order or payment amount to the payment readerterminal device 125 for payment instrument reading and/or can performstep 245 to trigger processing of the transaction with the updated orderand/or payment amount.

While the operations 200 of FIG. 2 do not illustrate entry of a PIN, asignature, selection of a tip amount, selection of a donation amount toa charity, or any such customer information entry action, it should beunderstood that any of these may occur at the merchant POS device 120and/or at the payment reader terminal device 125, in some casesdepending on the capabilities of each. If the payment reader terminaldevice 125 includes a display screen as illustrated in FIG. 1, as wellas a touchscreen interface or a keypad, then these can be received atthe payment reader terminal device 125, and the payment reader terminaldevice 125 can send a request to the checkout service 110 to update ormodify the order or payment amount if appropriate, or to generate a newtransaction if appropriate. If the payment reader terminal device 125does not include a display screen or an appropriate touchscreeninterface or keypad, or if the merchant chooses not to use these, thenthese can be received at the merchant POS device 120, and the merchantPOS device 120 can send a request to the checkout service 110 to updateor modify the order or payment amount if appropriate, or to generate anew transaction if appropriate. In the case of a donation to a charity,a new transaction may be requested, since the donation amount will bepaid to the charity rather than to the merchant, with the new order datastructure for this new transaction including information identifying thecharity so that the financial entity server(s) 135 can be notified bythe checkout service server(s) 130 to transfer the customer's funds toan account associated with the charity.

In some cases, the merchant POS device 120 may be a web-based POS systemon a website rather than a device physically located at the merchantlocation 105. In this case, the merchant POS device 120 may be a webserver that serves the web site, a browser device that browses thewebsite, or some combination thereof. The payment reader terminal device125 may, in this situation, be a device that enabled a cardlesstransaction, such as the customer's own mobile device. Such a situationis illustrated in and discussed further with respect to FIG. 6.

In some cases, after the operations 200 of FIG. 2 have been performedone or more times for one or more separate transaction involving one ormore customers, the checkout service server(s) 130 can generateanonymized analytics based on data collected during each of thetransactions, and send the anonymized analytics back to the merchant POSdevice 120 or to another computing device associated with the merchant.The data can be anonymized by stripping customer identifiers, such asnames, phone numbers, member numbers, addresses, from the data, or bygenerating new customer identifiers (e.g., unique strings ofalphanumeric characters) that cannot be traced to the original customeridentifiers. The anonymized analytics may, for example, show a merchantpeak purchasing times, show a merchant slow times in which the fewestpurchases are made, or show a merchant how many of its customers arepurchasing a particular item or service. In some cases, a wirelessbeacon or wireless network may be used to detect mobile devices ofpersons entering the merchant's storefront (or vicinity), in which casethe anonymized analytics may show how many of the persons entering themerchant's storefront (or vicinity) become customers. In some cases,these analytics may not be anonymized, though anonymization can bevaluable in that, if the merchant suffers a data breach, personalcustomer data, such as any of the customer identifiers discussed herein,are not disclosed.

FIG. 3 is a swim lane diagram illustrating authorized pairing of amerchant point of sale (POS) device and a payment reader terminal via acheckout service. In particular, the operations 300 of FIG. 3 areillustrated as being performed by the merchant POS device 120, thepayment reader terminal device 125, the checkout service server(s) 130,the financial entity server(s) 135, or some combination thereof.

At step 305, the checkout service server(s) 130 optionally provide anAPI key of the API 170 of the checkout service 110 to developers of themerchant POS device 120 so that the API key can be used in the code runby the merchant POS device 120. At step 310, developers customize thesoftware run by the merchant POS device 120 to call the API 170 of thecheckout service, optionally using the API key sent at step 305.

At step 315, the merchant POS device 120 sends a merchant POS deviceidentifier (ID) to the checkout service 110, optionally formatted forthe API 170. At step 320, the checkout service server(s) 130 receive themerchant POS device identifier (ID) from the merchant POS device 120. Insome cases, the merchant POS device identifier may be a serial number ormodel number of the merchant POS device 120, or another uniqueidentifier of the merchant POS device 120.

At step 325, the payment reader terminal device 125 sends a paymentreader terminal device identifier (ID) to the checkout service 110,optionally formatted for the API 170. At step 330, the checkout serviceserver(s) 130 receive the merchant POS device identifier (ID) from themerchant POS device 120. In some cases, the payment reader terminaldevice identifier may be a serial number or model number of the paymentreader terminal device 125, or another unique identifier of the paymentreader terminal device 125. In some cases, step 325 is performed as aresult of the payment reader terminal device 125 receiving an input viaan interface (e.g., the touchscreen) of the payment reader terminaldevice 125, the input optionally being from the merchant, the inputoptionally agreeing to pair the payment reader terminal device 125 withthe merchant POS device 120. In some cases, the input from the merchantis a login from the merchant or an entry of a merchant identifier of themerchant into the payment reader terminal device 125, in which casepayment reader terminal device 125 may also send the merchant identifieror merchant login to the checkout service 110 along with the terminaldevice identifier at step 325 to simultaneously act as the notificationof step 340. Steps 325 and 330 may occur before, after, or during any ofsteps 305, 310, 315, and/or 320. In some cases, steps 325 and 330 maynot occur at all, and the payment reader terminal device identifier maybe sent to the checkout service 110 for the first time at steps 340 and345.

At step 335, the payment reader terminal device identifier is optionallyinput into the merchant POS device 120. In some cases, the paymentreader terminal device identifier may be punched in via a keypad,keyboard, touchscreen, or other input interface. In other cases, thepayment reader terminal device identifier may be scanned in to themerchant POS device 120 via scanning of a bar code or quick response(QR) code that is on the housing of the payment reader terminal device125 or that is displayed on a display screen of the payment readerterminal device 125. At step 340, the merchant POS device 120 optionallynotifies the checkout service 110 that the payment reader terminaldevice 125 was identified to the merchant POS device 125, optionally viathe API 170. At step 345, the checkout service server(s) 130 receive thenotification, optionally from the merchant POS device 120. Thenotification of steps 340 and 345 may optionally include the paymentreader terminal device identifier as input or otherwise received by themerchant POS device 120. In some cases, a different device other thanthe merchant POS device 120 may perform steps 335 and 340, such as apersonal user device (e.g., a smartphone) associated with the merchant,in which case it is a notification that the payment reader terminaldevice 125 has been identified to the merchant generally more so than tothe merchant POS device 120 specifically. Use of the different devicemay increase flexibility by reducing how much the merchant POS device125 must be customized at step 310, and may make pairing easier by usinga device that the merchant is already familiar with.

In some cases, receipt at the checkout service 110 of the notificationindicating that the terminal device has been identified to the merchantat step 345 may include receipt of a serial number (or other paymentreader terminal device identifier) associated with the payment readerterminal device 125 from a device other than the payment reader terminaldevice 125, such as the merchant POS device 120 or mobile device of themerchant. In some cases, receipt at the checkout service 110 of thenotification indicating that the terminal device has been identified tothe merchant at step 345 may include receipt of a code generated by andoutput by the payment reader terminal device 125 (e.g., the code outputvia a display and/or speaker of the payment reader terminal device 125)from a device other than the payment reader terminal device 125, such asthe merchant POS device 120 or mobile device of the merchant. In somecases, receipt at the checkout service 110 of the notificationindicating that the terminal device has been identified to the merchantat step 345 may include receipt of a code output by a mobile device inresponse to the mobile device interacting with the payment readerterminal device 125 (e.g., in response to the mobile device scanning aQR code displayed by the payment reader terminal device 125) from adevice other than the payment reader terminal device 125, such as themerchant POS device 120 or the mobile device. In some cases, receipt atthe checkout service 110 of the notification indicating that theterminal device has been identified to the merchant at step 345 mayinclude receipt of an indication that the payment reader terminal device125 (or an identifier of the payment reader terminal device 125) hasbeen selected from a list of devices (or identifiers thereof) at themerchant device. In some cases, receipt at the checkout service 110 ofthe notification indicating that the terminal device has been identifiedto the merchant at step 345 may include receipt of a notification fromthe merchant POS device 120 indicating that the merchant POS device 120has received a payment reader terminal device identifier (e.g., serialnumber, code generated by the payment reader terminal device) associatedwith the payment reader terminal device 125. In some cases, receipt atthe checkout service 110 of the notification indicating that theterminal device has been identified to the merchant at step 345 mayinclude receipt of a notification from the payment reader terminaldevice 125 including a merchant identifier in response to receiving amerchant input at the payment reader terminal device 125 with themerchant identifier.

At step 350, in response to receipt of the notification from themerchant POS device 120 or from the different device at step 345, thecheckout service server(s) 130 generates a pairing record in a databasethat is stored at or otherwise accessible to the checkout serviceserver(s) 130, the pairing record identifying at least the merchant POSdevice identifier received in step 320 and the payment reader terminaldevice identifier received in step 330 (and/or in step 345). The pairingrecord indicates that the payment reader terminal device 125corresponding to the payment reader terminal device identifier isauthorized to collaborate with the merchant POS device 120 correspondingto the merchant POS device identifier in that the payment readerterminal device 125 is authorized to read payment instrument informationfor use in processing one or more transactions initiated by the merchantPOS device 120. The pairing record of step 350 may be the same recorddiscussed with respect to step 215 of the operations 200 of FIG. 2.

In some cases, more than one payment reader terminal device 125 may bepaired with a particular merchant POS device 120. In this case, themerchant POS device 120 may present the merchant with a list ofauthorized payment reader terminal devices 125 that the merchant can usewith the particular merchant POS device 120 he or she is using, fromwhich the merchant can select one via a user interface of the merchantPOS device 120. This may be useful in situations where a merchant wishesto move about different locations within their a storefront with onlythe merchant POS device 120, which allows the merchant to then use thenearest payment reader terminal device 125. To facilitate this use case,a map may be used instead of a list, the map optionally showing both thelocations of each of the paired/authorized payment reader terminaldevices 125 as well as the location of the merchant POS device 120 (andtherefore of the merchant). The locations of each of these devices maybe identified based on positioning receivers of the payment readerterminal devices 125 and/or of the merchant POS device 120, such as GNSSreceivers, WLAN receivers, cellular network receivers, Bluetoothreceivers, and the like. Bluetooth beacons may be distributed throughoutthe merchant location 105 (i.e., the storefront) to enhance indoorpositioning, since GNSS-based typically works more accurately outdoorsthan indoors.

FIG. 4 is a swim lane diagram illustrating interactive customizedmessaging at the payment reader terminal. In particular, the operations400 of FIG. 4 are illustrated as being performed by the merchant POSdevice 120, the payment reader terminal device 125, the checkout serviceserver(s) 130, the financial entity server(s) 135, or some combinationthereof.

At step 405, the checkout service server(s) 130 receive a message. Atstep 410, the checkout service server(s) 130 send the message thepayment reader terminal device 125. At step 415, the payment readerterminal device 125 receives the message from the checkout serviceserver(s) 130. In some cases, the checkout service server(s) 130 sendinstructions along with the message to the payment reader terminaldevice 125, the instructions identifying that the payment readerterminal device 125 should display the message until it is time for thepayment reader terminal device 125 to read payment instrumentinformation and/or otherwise fulfill its role in payment processing forthe transaction initiated by the merchant POS device 120. The messagemay include text, one or more images, one or more videos, audio, or somecombination thereof. The message may include a logo of the merchant, forexample. The message may include offers, promotions, coupons, ordiscounts that may be applied to items or services already beingpurchased by the customer. The message may include one or moreadvertisements, offers, promotions, coupons, or discounts for additionalitems or services to purchase from the merchant, for example for itemsor services that the customer has purchased in the past, for items orservices that are complementary or related to items or services that thecustomer is currently purchasing or has purchased in the past, or foritems or services that are often purchased by other customers along withitems or services that the customer is currently purchasing or haspurchased in the past. Complementary or related to items or services mayinclude items or services from the same brand, same manufacturer, samedistributor, same category (e.g., office supplies, clothing,consumables), that are useful alongside one another (e.g., pen and paperand pencil, printer and paper and ink cartridge, meal and side dish andbeverage, sun hat and sunglasses and sunscreen and swimwear and beachtowel, warm hat and coat and gloves).

At step 420, a processor of the payment reader terminal device 125renders the message for display, then displays the message via a displayscreen of the payment reader terminal device 125, at least until receiptof the payment amount by the payment reader terminal device 125 at step220. At step 425, the payment reader terminal device 125 optionallyreceives an input from the customer via a user interface of the paymentreader terminal device 125 (e.g., a touch-sensitive interface of a touchscreen, a button) while the message is displayed via the display screenof the payment reader terminal device 125. At step 430, in response toreceipt of the input at step 425, the payment reader terminal device 125sends a request to the checkout service 110 for a modification to the ttransaction. The modification may depend on the content of the message.For example, if the message advertises an additional item or service,the modification may include adding the additional item or service forpurchase as part of the transaction. If the message includes an offer,promotion, discount, or coupon applicable for a particular item orservice, the modification may include reducing the price associated withthe particular item or service, and as a result reducing the paymentamount.

At step 435, the checkout service server(s) 130 receives the request forthe modification to the transaction. At step 440, the checkout serviceserver(s) 130 notifies the merchant POS device 120 regarding the requestfor the modification to the transaction, for example by sending therequest for the modification to the transaction on to the merchant POSdevice 120, or by otherwise identifying the requested modification tothe transaction to the merchant POS device 120. At step 445, themerchant POS device 120 receives the notification stent at step 440. Atstep 450, the merchant POS device 120 modifies the transaction asrequested, for example by adding the additional item or service, or byreducing the price of an item or service, and modifies the paymentamount as needed if applicable.

Step 455 is identical to step 205 from the operations 200 of FIG. 2,though the request of step 4555 has the updated payment amountassociated with the transaction having the modification applied in step450. Step 460 is identical to step 210 from the operations 200 of FIG.2, though again with the new modified payment amount. Step 465 isidentical to step 215 from the operations 200 of FIG. 2, though againwith the new modified payment amount. Step 465 is identical to step 220from the operations 200 of FIG. 2, though again with the new modifiedpayment amount. Step 470 is identical to step 225 from the operations200 of FIG. 2, though again with the new modified payment amount.

At step 475, in response to receipt of the payment amount at step 470,the payment reader terminal device 125 displays payment instructions viathe display screen of the payment reader terminal device 125 until thepayment instrument is received (e.g., into a slot of the payment readerterminal device 125) and/or read by one of the one or more paymentinstrument readers of the payment reader terminal device 125.

FIG. 5 is an architecture diagram of a payment reader terminal device.

The architecture diagram of the payment reader terminal device 125 ofFIG. 5 includes a main processor 505 in a housing 590, and optionallyone or more secure processor(s) 510 within a secure internal enclosure595 within the housing 590. The main processor 505 may executeinstructions to perform a variety of tasks, which may includecommunicating with the one or more secure processor(s) 510 as well ascommunicating with and/or controlling the various components coupleddirectly or indirectly to the main processor 505.

The main processor 505 is coupled to a main battery 540 and optionally abackup battery 545 in FIG. 5. In some cases, the main battery 540 may berechargeable, while the backup battery 545 may be non-rechargeable.Ultimately, however, either or both of the batteries may be rechargeableor non-rechargeable. The main processor 505, main battery 540, and/orbackup battery 545 may also be connected to a power connector (notpictured) that can be connected to an external battery (not pictured),an external generator (not pictured), or a power outlet (not pictured).The power connector can be used to recharge the main battery 540 and/orbackup battery 545. The power connector can also be used to directlypower the processor 505 and all other components of the payment readerterminal device 125, even if both the main battery 540 and backupbattery 545 are missing.

The main processor 505 is coupled to a printer 570 via a printercontroller 560. The printer 570 may be used to print receipts, coupons,barcodes, quick-response (“QR”) codes, or some combination thereof. Theprinter 570 may be a thermal printer, a direct thermal printer, athermal transfer thermal printer, a solid-ink “phaser” printer, aninkjet printer, a thermal inkjet (“bubblejet”) printer, a continuousinkjet printer, a piezoelectric inkjet printer, a dye-sublimationprinter, a laser printer, an LED printer, or some combination thereof.The printer controller 560 may include a memory and/or a processor,microcontroller or ASIC (application specific integrated controller)with which it may adjust various printer setting values assigned tovarious printer settings to control various aspects of the how theprinter 570 prints.

In some cases, the main processor 505 is coupled to a temperature sensor575 in FIG. 5 used to ensure that the payment reader terminal device 125stays within a temperature range in which it can operate safely andsecurely. The temperature sensor may optionally include one or morethermistors, and may optionally be connected to the main battery 540and/or to the printer 570. The temperature sensor may include one ormore of a Negative Temperature Coefficient (NTC) thermistor, aResistance Temperature Detector (RTD), a resistance thermometer, athermocouple, an infrared sensor, a bimetallic device, a thermometer, achange-of-state sensor, a semiconductor-based temperature sensor, asilicon diode or other diode with temperature-sensitive voltagecharacteristics, or some combination thereof.

The main processor 505 may be connected to one or more antennas,including an 802.11 Wi-Fi antenna 555, a cellular phone network antenna550, a Bluetooth® antenna, a Bluetooth® Low Energy (BLE) antenna, anyother antennae or communication means discussed with respect to theoutput devices 750 or input devices 760 of FIG. 7, or some combinationthereof. The main processor 505 may alternately be connected to othermeans to networking, such as a wired Ethernet port.

The main processor 505 may be any type of processor 710 identified withrespect to FIG. 7, and may be in some cases be part of, or include, anapplication-specific integrated circuit (ASIC). While the main processor505 and secure processor(s) 510 are illustrated as separate componentsin FIG. 5, the main processor 505 and secure processor(s) 510 may insome cases be combined into a single component. It should be understoodthat any actions described herein as being performed by the secureprocessor(s) 510 can alternately or additionally be performed by themain processor 505, and that that any actions described herein as beingperformed by the main processor 505 can alternately or additionally beperformed by the secure processor(s) 510.

The secure internal enclosure 595 can include tamper protectioncircuitry 530, such as tamper traces or grids running along one or moresurfaces of the secure internal enclosure, allowing the secureprocessor(s) 510 to detect attempts to tamper with the secure internalenclosure 595 or any components within. For example, tamper protectioncircuitry 530 can detect attempts to open the secure internal enclosure595, to drill into the secure internal enclosure 595, to modify thesecure internal enclosure 595, or to flood the secure internal enclosure595 with a conductive fluid, such as a conductive ink. The tamperprotection circuitry 530 can do this by measuring voltages at one ormore points along a circuit connected to the tamper traces or gridsrunning along the surface(s) of the secure internal enclosure 595,allowing the tamper protection circuitry 530 to detect short circuits,breaks in the circuit, or other changes in voltage outside of ordinarythreshold levels, which would typically indicate a tampering attempt.Detection of a tamper attempt could be used by the secure processor(s)510 or main processor 505 to disable at least a subset of the functionsor components of the payment reader terminal device 125. In some cases,one or more conductive tamper traces run along an interior surface ofthe secure internal enclosure 595, and the tamper protection circuitry530 is configured to detect a change in voltage along the one or moreconductive tamper traces, for example caused by a break in a conductivetamper trace caused by a tamper attempt, or caused by a first conductivetamper trace that is normally (i.e., when not tampered with) at a firstvoltage being connected during a tamper attempt to a second conductivetamper trace that is normally (i.e., when not tampered with) at a secondvoltage.

The secure internal enclosure 595 and its included tamper protectioncircuitry 530 can be used to protect any circuitry that reads, stores,or otherwise conveys sensitive information, such as credit or debit cardnumbers, near field communication (NFC) signal data from a NFC objectconveying transaction information, bank account information, otherpayment instrument information, bank account information, credit accountinformation, customer identifiers, merchant identifiers, payment readerterminal device identifiers, other transaction information, customerbiometric information, customer contact information, customer identityinformation, customer photographs or facial scans, PersonalIdentification Number (PIN) numbers or codes, handwritten signaturescans, handwritten signatures entered via a touch-sensitive surface ofthe payment reader terminal device 125, digital certificate signatures,symmetric encryption keys, asymmetric encryption keys, other types ofencryption keys, and so forth.

Because information entered via a touch-sensitive screen surfaceinterface 525 of a touchscreen 210 may include sensitive information,such as PIN codes or handwritten signatures entered via touch-sensitivesurface, circuitry reading inputs of the touch-sensitive surface may insome cases be housed in the secure internal enclosure 595, while thecircuitry of the display screen 520 of the touchscreen 210 might not be.Likewise, the payment reader terminal device 125 may include other inputdevices 760 as discussed with respect to FIG. 7, such as physicalkeypads, whose circuitry might also be located in the secure internalenclosure 595 for the same reasons. The touch-sensitive screen surfaceinterface 525 may use any type of display discussed in reference to thedisplay system 770 of FIG. 7, and may use capacitive touch sensing,resistive touch sensing, inductive touch sensing, or some combinationthereof. For example, the touch-sensitive screen surface interface 525may utilize a Indium Tin Oxide (ITO) touch-sensitive layer or a printedink touch-sensitive layer.

The secure processor(s) 510 are also connected to one or more paymentinstrument reader(s) 515. The payment instrument reader(s) 515 mayinclude a magnetic stripe reader 235, an integrated circuit (IC) chipreader 225, a near field communication (NFC) reader, or some combinationthereof. The magnetic stripe reader 235 reads payment instrument datafrom a magnetic stripe of a payment instrument such as a payment card.The IC chip reader 225 reads payment instrument data from an IC chip ofa payment instrument such as a payment card. The IC chip may be a chipfollowing Europay/Mastercard/Visa (“EMV”) standards, also known as anEMV chip. The NFC reader reads payment instrument data from wireless NFCsignals received from a payment instrument such as a payment card orpayment device. The payment instrument may be a payment card, such as acredit card or a debit card. The payment instrument may be any type ofNFC-capable device, such as an active NFC tag, a passive NFC tag, or acomputer system 500 as described with respect to FIG. 5. In some cases,multiple payment instrument readers 515 may share components—forexample, the IC chip reader 225 and the NFC reader may share acontactless antenna. Once the payment instrument reader(s) 515 retrievethe payment instrument data from the payment instrument, the paymentinstrument reader(s) 515 send the payment instrument data to the secureprocessor(s) 510 and/or main processor 505. The payment instrumentreader(s) 515 or secure processor(s) 510 sometimes modify or encrypt thepayment instrument data using an encryption key stored in a memory (notpictured) associated with the payment instrument reader(s) 515 and/orsecure processor(s) 510 before sending it to the main processor 505.

The main processor 505 may also be connected to a memory 535 that storesvarious instructions to be executed by the main processor, such asinstructions corresponding to a financial transaction softwareapplication allowing the main processor 505 to receive transaction dataread by the payment instrument reader(s) 515, optionally via the secureprocessor(s) 510, and to transmit that data to one or more financialtransaction processing server(s), such as credit or debit cardprocessing server(s) and/or bank server(s), thereby conducting afinancial transaction between a merchant and a buyer whose transactioninformation was read via the payment instrument reader(s) 515. Thememory 535 may also store settings associated with the printercontroller 560, the display screen 520, the touch-sensitive screensurface interface 525, the Wi-Fi antenna 555, the cellular antenna 550,the NFC transceiver, and various other components of the payment readerterminal device 125.

The main processor 505 may also be connected to at least one externalconnector 580, which may be an externally-facing female port or maleplug that may allow the POS device 510 to connect to other devices orpower sources. In some cases, the external connector 580 may allow thepayment reader terminal device 125 to connect to any other computingdevice 700, or to any device including at least a subset of thecomponents identified in FIG. 8 or discussed in its description. Thepayment reader terminal device 125 may be connected to one or moreperipheral devices or hubs via the at least one external connector 580.The payment reader terminal device 125 may in some cases act as aperipheral device to a host device connected via the at least oneexternal connector 580. In some cases, the external connector 580 mayfunction as the power connector discussed above with respect to thebatteries 540/145 and/or external power sources. In some cases, theexternal connector 580 may be a universal serial bus (USB) port/plugusing any USB standard, including USB Type-A, USB Type-B, USB Type-C,USB 5.x, USB 2.x, USB 3.x, USB 4.x, Thunderbolt, USB mini, USB micro,USB On-The-Go (OTG), any other USB standard, or some combinationthereof. In other cases, the external connector 580 may be an Apple®Lightning® port/plug, an Ethernet port/plug, a fiber optic port/plug, aproprietary wired port/plug. In other cases, the external connector 580may be a wireless transceiver, such as one supporting a BLUETOOTH®wireless signal transfer, a BLUETOOTH® low energy (BLE) wireless signaltransfer, a radio-frequency identification (RFID) wireless signaltransfer, near-field communications (NFC) wireless signal transfer,802.11 Wi-Fi wireless signal transfer, cellular data network wirelesssignal transfer, a radio wave signal transfer, a microwave signaltransfer, an infrared signal transfer, a visible light signal transfer,an ultraviolet signal transfer, a wireless signal transfer along theelectromagnetic spectrum, or some combination thereof.

The payment reader terminal device 125 may also include variousadditional or alternative elements connected to the main processor 505and/or the secure processor(s) 510, each of which may optionally belocated in the secure internal enclosure 595. Such additional oralternative elements may include microphones. The additional oralternative elements may include cameras, such as visible light cameras,infrared cameras, ultraviolet cameras, night vision cameras, or evenambient light sensors. Ambient light sensors may optionally be coupledto the main processor 505 and/or the display screen 520 to controlbrightness of the display screen 520 and/or of a backlight of thedisplay screen 520 in order to acclimatize to the ambient light levelaround the payment reader terminal device 125 and prevent the displayscreen 520 from appearing too bright/harsh or too dim/unclear. Theadditional or alternative elements may include biometric sensors, suchas fingerprint scanners, handprint scanners, voice authentication,facial recognition or iris scanners (using any of the camera typesdiscussed above), blood testers, DNA testers, or some combinationthereof. The processor(s) 505/110 may compare received biometric datafrom the buyer via the biometric sensors against databases stored withinthe memory 535 or accessible to the payment reader terminal device 125via a network connection via the Internet or a private network. Theadditional or alternative elements may include one or moreaccelerometer(s) and/or one or more gyroscope(s), allowing theprocessor(s) 505/110 of the payment reader terminal device 125 to reactto being tilted, moved, or shaken, optionally as indications oftampering via the tamper protection circuitry 530 if the payment readerterminal device 125 is intended to be stationary. The additional oralternative elements may include one or more indicator lights, which maybe light-emitting diodes (LED) and may emit light, optionally at varyingbrightnesses and/or colors, to indicate a successful transaction, toindicate a failed transaction, to indicate that a card or other paymentinstrument should be presented/inserted/swiped, to indicate that a cardor other payment instrument should be removed, to indicate that a userinput such as a PIN code must be input via the touch-sensitive displayscreen 210, to indicate that an input via the touch-sensitive displayscreen 210 has been received, to indicate successful connection via anyof the antennae of the POS system 500, to indicate failure to connectvia any of the antennae of the POS system 500, to indicate a signalstrength associated with any of the antennae of the POS system 500, orsome combination thereof. The additional or alternative elements mayinclude any components illustrated in or discussed with respect to FIG.7.

It should be noted that the components of the payment reader terminaldevice 125 of FIG. 5 are just exemplary. In some cases, any subset ofthese may be missing from the payment reader terminal device 125. Forexample, a payment reader terminal device 125 may be a “headless” devicethat has no display screen 520 or touch-sensitive surface interface 525,and may instead include one or more light emitting diodes (LEDs) asindicators of when to insert a payment card or approach with aNFC-enabled payment instrument and/or one or more speakers and/or one ormore physical buttons, or may include none of these things. The paymentreader terminal device 125 may have any number of payment instrumentreaders 515—it may have one or more magnetic stripe readers, one or moreIC chip readers, one or more NFC readers, or any combination thereof.

FIG. 6 illustrates a system architecture including a web-based point ofsale (POS) device and mobile device that collaborate to perform acardless transaction. The system architecture 600 of FIG. 6 includes,for example, the checkout service 110, a web-based POS system 620, and amobile device 625.

In some cases, the merchant POS device 120 may be a web-based POS system620 hosted on a website rather than a device physically located at themerchant location 105. In this case, the merchant POS device 120 asdiscussed otherwise herein may be a web server that serves the website,a browser device that browses the website, or some combination thereof.That is, the web server or the browser device may fulfull the role ofthe merchant POS device 120 in the contexts discussed herein, forexample in the context of the architecture 100, the operations 200, theoperations 300, the operations 400, or some combination thereof.

In this case, the web-based POS 620 may receive an input from themerchant or customer interacting with the website to select one or morepurchases of items and/or services by the customer from the merchant.The web-based POS 620—that is, the web server or the browser device—maysent a request (signified by arrow 630) to the checkout service 110 toprocess the payment amount of the transaction, which may be received bythe checkout service 110, much like steps 205 and 210 of the operations200 of FIG. 2.

The checkout service 110 may, as signified by arrow 635, output a quickresponse (QR) code 605 in response to receipt of the request at arrow630. As signified by arrow 640, the QR code 605 may be sent to the webserver and/or browser device so that it appears in the web-based POS 620and is displayed by the device browsing the web-based POS 620, forexample via an iFrame in the web-based POS 620 or PHP insert intoweb-based POS 620. A customer can use his or her mobile device 625 toscan the QR code 605 with a camera of the mobile device 625 as signifiedby the arrow 645. The QR code 605, as generated by the checkout service110, may lead to a webpage associated with the checkout service 110through which the customer may perform a cardless checkout, for exampleby entering payment instrument information such as credit or debit cardnumbers, by entering a login associated with the checkout service toaccess previously-entered or previously-read payment instrumentinformation. The customer can then approve of the payment and directlynotify the checkout service (as signified by arrow 650) to proceed withtransfer of funds from an account associated with the customer to anaccount associated with the merchant. The checkout service 110 may thenperform the transfer or request that one or more financial entityserver(s) 135 perform the transfer as in steps 245, 250, and 252 of theoperations 200 of FIG. 2. Like steps 255, 260, 265, and 270 of theoperations 200 of FIG. 2, the checkout service 110 may receive and sendconfirmations that the transfer has completed successfully and that thetransaction has been processed successfully.

The QR code 605 may alternately be a bar code or a text link that may beentered into the mobile device 625 manually.

FIG. 7 illustrates an exemplary computing system 700 that may be used toimplement some aspects of the technology. For example, any of thecomputing devices, computing systems, network devices, network systems,servers, and/or arrangements of circuitry described herein may includeat least one computing system 700, or may include at least one componentof the computer system 700 identified in FIG. 7. The computing system700 of FIG. 7 includes one or more processors 710 and memory 720. Eachof the processor(s) 710 may refer to one or more processors,controllers, microcontrollers, central processing units (CPUs), graphicsprocessing units (GPUs), arithmetic logic units (ALUs), acceleratedprocessing units (APUs), digital signal processors (DSPs), applicationspecific integrated circuits (ASICs), field-programmable gate arrays(FPGAs), or combinations thereof. Each of the processor(s) 710 mayinclude one or more cores, either integrated onto a single chip orspread across multiple chips connected or coupled together. Memory 720stores, in part, instructions and data for execution by processor 710.Memory 720 can store the executable code when in operation. The system700 of FIG. 7 further includes a mass storage device 730, portablestorage medium drive(s) 740, output devices 750, user input devices 760,a graphics display 770, and peripheral devices 780.

The components shown in FIG. 7 are depicted as being connected via asingle bus 790. However, the components may be connected through one ormore data transport means. For example, processor unit 710 and memory720 may be connected via a local microprocessor bus, and the massstorage device 730, peripheral device(s) 780, portable storage device740, and display system 770 may be connected via one or moreinput/output (I/O) buses.

Mass storage device 730, which may be implemented with a magnetic diskdrive or an optical disk drive, is a non-volatile storage device forstoring data and instructions for use by processor unit 710. Massstorage device 730 can store the system software for implementing someaspects of the subject technology for purposes of loading that softwareinto memory 720.

Portable storage device 740 operates in conjunction with a portablenon-volatile storage medium, such as a floppy disk, compact disk orDigital video disc, to input and output data and code to and from thecomputer system 700 of FIG. 7. The system software for implementingaspects of the subject technology may be stored on such a portablemedium and input to the computer system 700 via the portable storagedevice 740.

The memory 720, mass storage device 730, or portable storage 740 may insome cases store sensitive information, such as transaction information,health information, or cryptographic keys, and may in some cases encryptor decrypt such information with the aid of the processor 710. Thememory 720, mass storage device 730, or portable storage 740 may in somecases store, at least in part, instructions, executable code, or otherdata for execution or processing by the processor 710.

Output devices 750 may include, for example, communication circuitry foroutputting data through wired or wireless means, display circuitry fordisplaying data via a display screen, audio circuitry for outputtingaudio via headphones or a speaker, printer circuitry for printing datavia a printer, or some combination thereof. The display screen may beany type of display discussed with respect to the display system 770.The printer may be inkjet, laserjet, thermal, or some combinationthereof. In some cases, the output device circuitry 750 may allow fortransmission of data over an audio jack/plug, a microphone jack/plug, auniversal serial bus (USB) port/plug, an Apple® Lightning® port/plug, anEthernet port/plug, a fiber optic port/plug, a proprietary wiredport/plug, a BLUETOOTH® wireless signal transfer, a BLUETOOTH® lowenergy (BLE) wireless signal transfer, an IBEACON® wireless signaltransfer, a radio-frequency identification (RFID) wireless signaltransfer, near-field communications (NFC) wireless signal transfer,dedicated short range communication (DSRC) wireless signal transfer,802.11 Wi-Fi wireless signal transfer, wireless local area network(WLAN) signal transfer, Visible Light Communication (VLC), WorldwideInteroperability for Microwave Access (WiMAX), Infrared (IR)communication wireless signal transfer, Public Switched TelephoneNetwork (PSTN) signal transfer, Integrated Services Digital Network(ISDN) signal transfer, 3G/4G/5G/LTE cellular data network wirelesssignal transfer, ad-hoc network signal transfer, radio wave signaltransfer, microwave signal transfer, infrared signal transfer, visiblelight signal transfer, ultraviolet light signal transfer, wirelesssignal transfer along the electromagnetic spectrum, or some combinationthereof. Output devices 750 may include any ports, plugs, antennae,wired or wireless transmitters, wired or wireless transceivers, or anyother components necessary for or usable to implement the communicationtypes listed above, such as cellular Subscriber Identity Module (SIM)cards.

Input devices 760 may include circuitry providing a portion of a userinterface. Input devices 760 may include an alpha-numeric keypad, suchas a keyboard, for inputting alpha-numeric and other information, or apointing device, such as a mouse, a trackball, stylus, or cursordirection keys. Input devices 760 may include touch-sensitive surfacesas well, either integrated with a display as in a touchscreen, orseparate from a display as in a trackpad. Touch-sensitive surfaces mayin some cases detect localized variable pressure or force detection. Insome cases, the input device circuitry may allow for receipt of dataover an audio jack, a microphone jack, a universal serial bus (USB)port/plug, an Apple® Lightning® port/plug, an Ethernet port/plug, afiber optic port/plug, a proprietary wired port/plug, a wired local areanetwork (LAN) port/plug, a BLUETOOTH® wireless signal transfer, aBLUETOOTH® low energy (BLE) wireless signal transfer, an IBEACON®wireless signal transfer, a radio-frequency identification (RFID)wireless signal transfer, near-field communications (NFC) wirelesssignal transfer, dedicated short range communication (DSRC) wirelesssignal transfer, 802.11 Wi-Fi wireless signal transfer, wireless localarea network (WLAN) signal transfer, Visible Light Communication (VLC),Worldwide Interoperability for Microwave Access (WiMAX), Infrared (IR)communication wireless signal transfer, Public Switched TelephoneNetwork (PSTN) signal transfer, Integrated Services Digital Network(ISDN) signal transfer, 3G/4G/5G/LTE cellular data network wirelesssignal transfer, personal area network (PAN) signal transfer, wide areanetwork (WAN) signal transfer, ad-hoc network signal transfer, radiowave signal transfer, microwave signal transfer, infrared signaltransfer, visible light signal transfer, ultraviolet light signaltransfer, wireless signal transfer along the electromagnetic spectrum,or some combination thereof. Input devices 760 may include any ports,plugs, antennae, wired or wireless receivers, wired or wirelesstransceivers, or any other components necessary for or usable toimplement the communication types listed above, such as cellular SIMcards.

Input devices 760 may include receivers or transceivers used forpositioning of the computing system 700 as well. These may include anyof the wired or wireless signal receivers or transceivers. For example,a location of the computing system 700 can be determined based on signalstrength of signals as received at the computing system 700 from threecellular network towers, a process known as cellular triangulation.Fewer than three cellular network towers can also be used—even one canbe used—though the location determined from such data will be lessprecise (e.g., somewhere within a particular circle for one tower,somewhere along a line or within a relatively small area for two towers)than via triangulation. More than three cellular network towers can alsobe used, further enhancing the location's accuracy. Similar positioningoperations can be performed using proximity beacons, which might useshort-range wireless signals such as BLUETOOTH® wireless signals,BLUETOOTH® low energy (BLE) wireless signals, IBEACON® wireless signals,personal area network (PAN) signals, microwave signals, radio wavesignals, or other signals discussed above. Similar positioningoperations can be performed using wired local area networks (LAN) orwireless local area networks (WLAN) where locations are known of one ormore network devices in communication with the computing system 700 suchas a router, modem, switch, hub, bridge, gateway, or repeater. These mayalso include Global Navigation Satellite System (GNSS) receivers ortransceivers that are used to determine a location of the computingsystem 700 based on receipt of one or more signals from one or moresatellites associated with one or more GNSS systems. GNSS systemsinclude, but are not limited to, the US-based Global Positioning System(GPS), the Russia-based Global Navigation Satellite System (GLONASS),the China-based BeiDou Navigation Satellite System (BDS), and theEurope-based Galileo GNSS. Input devices 760 may include receivers ortransceivers corresponding to one or more of these GNSS systems.

Display system 770 may include a liquid crystal display (LCD), a plasmadisplay, an organic light-emitting diode (OLED) display, an electronicink or “e-paper” display, a projector-based display, a holographicdisplay, or another suitable display device. Display system 770 receivestextual and graphical information, and processes the information foroutput to the display device. The display system 770 may includemultiple-touch touchscreen input capabilities, such as capacitive touchdetection, resistive touch detection, surface acoustic wave touchdetection, or infrared touch detection. Such touchscreen inputcapabilities may or may not allow for variable pressure or forcedetection.

Peripherals 780 may include any type of computer support device to addadditional functionality to the computer system. For example, peripheraldevice(s) 780 may include one or more additional output devices of anyof the types discussed with respect to output device 750, one or moreadditional input devices of any of the types discussed with respect toinput device 760, one or more additional display systems of any of thetypes discussed with respect to display system 770, one or more memoriesor mass storage devices or portable storage devices of any of the typesdiscussed with respect to memory 720 or mass storage 730 or portablestorage 740, a modem, a router, an antenna, a wired or wirelesstransceiver, a printer, a bar code scanner, a quick-response (“QR”) codescanner, a magnetic stripe card reader, a integrated circuit chip (ICC)card reader such as a smartcard reader or a EUROPAY®-MASTERCARD®-VISA®(EMV) chip card reader, a near field communication (NFC) reader, adocument/image scanner, a visible light camera, a thermal/infraredcamera, an ultraviolet-sensitive camera, a night vision camera, a lightsensor, a phototransistor, a photoresistor, a thermometer, a thermistor,a battery, a power source, a proximity sensor, a laser rangefinder, asonar transceiver, a radar transceiver, a lidar transceiver, a networkdevice, a motor, an actuator, a pump, a conveyer belt, a robotic arm, arotor, a drill, a chemical assay device, or some combination thereof.

The components contained in the computer system 700 of FIG. 7 caninclude those typically found in computer systems that may be suitablefor use with some aspects of the subject technology and represent abroad category of such computer components that are well known in theart. That said, the computer system 700 of FIG. 7 can be customized andspecialized for the purposes discussed herein and to carry out thevarious operations discussed herein, with specialized hardwarecomponents, specialized arrangements of hardware components, and/orspecialized software. Thus, the computer system 700 of FIG. 7 can be apersonal computer, a hand held computing device, a telephone(“smartphone” or otherwise), a mobile computing device, a workstation, aserver (on a server rack or otherwise), a minicomputer, a mainframecomputer, a tablet computing device, a wearable device (such as a watch,a ring, a pair of glasses, or another type of jewelry or clothing oraccessory), a video game console (portable or otherwise), an e-bookreader, a media player device (portable or otherwise), a vehicle-basedcomputer, another type of computing device, or some combination thereof.The computer system 700 may in some cases be a virtual computer systemexecuted by another computer system. The computer can also includedifferent bus configurations, networked platforms, multi-processorplatforms, etc. Various operating systems can be used including Unix®,Linux®, FreeBSD®, FreeNAS®, pfSense®, Windows®, Apple® Macintosh OS®(“MacOS®”), Palm OS®, Google® Android®, Google® Chrome OS®, Chromium®OS®, OPENSTEP®, XNU®, Darwin®, Apple® iOS®, Apple® tvOS®, Apple®watchOS®, Apple® audioOS®, Amazon® Fire OS®, Amazon® Kindle OS®,variants of any of these, other suitable operating systems, orcombinations thereof. The computer system 700 may also use a BasicInput/Output System (BIOS) or Unified Extensible Firmware Interface(UEFI) as a layer upon which the operating system(s) are run.

In some cases, the computer system 700 may be part of a multi-computersystem that uses multiple computer systems 700, each for one or morespecific tasks or purposes. For example, the multi-computer system mayinclude multiple computer systems 700 communicatively coupled togethervia at least one of a personal area network (PAN), a local area network(LAN), a wireless local area network (WLAN), a municipal area network(MAN), a wide area network (WAN), or some combination thereof. Themulti-computer system may further include multiple computer systems 700from different networks communicatively coupled together via theinternet (also known as a “distributed” system).

Some aspects of the subject technology may be implemented in anapplication that may be operable using a variety of devices.Non-transitory computer-readable storage media refer to any medium ormedia that participate in providing instructions to a central processingunit (CPU) for execution and that may be used in the memory 720, themass storage 730, the portable storage 740, or some combination thereof.Such media can take many forms, including, but not limited to,non-volatile and volatile media such as optical or magnetic disks anddynamic memory, respectively. Some forms of non-transitorycomputer-readable media include, for example, a floppy disk, a flexibledisk, a hard disk, magnetic tape, a magnetic strip/stripe, any othermagnetic storage medium, flash memory, memristor memory, any othersolid-state memory, a compact disc read only memory (CD-ROM) opticaldisc, a rewritable compact disc (CD) optical disc, digital video disk(DVD) optical disc, a blu-ray disc (BDD) optical disc, a holographicoptical disk, another optical medium, a secure digital (SD) card, amicro secure digital (microSD) card, a Memory Stick® card, a smartcardchip, a EMV chip, a subscriber identity module (SIM) card, amini/micro/nano/pico SIM card, another integrated circuit (IC)chip/card, random access memory (RAM), static RAM (SRAM), dynamic RAM(DRAM), read-only memory (ROM), programmable read-only memory (PROM),erasable programmable read-only memory (EPROM), electrically erasableprogrammable read-only memory (EEPROM), flash EPROM (FLASHEPROM), cachememory (L1/L2/L3/L4/L5/L7), resistive random-access memory (RRAM/ReRAM),phase change memory (PCM), spin transfer torque RAM (STT-RAM), anothermemory chip or cartridge, or a combination thereof.

Various forms of transmission media may be involved in carrying one ormore sequences of one or more instructions to a processor 710 forexecution. A bus 790 carries the data to system RAM or another memory720, from which a processor 710 retrieves and executes the instructions.The instructions received by system RAM or another memory 720 canoptionally be stored on a fixed disk (mass storage device 730/portablestorage 740) either before or after execution by processor 710. Variousforms of storage may likewise be implemented as well as the necessarynetwork interfaces and network topologies to implement the same.

While various flow diagrams provided and described above may show aparticular order of operations performed by some embodiments of thesubject technology, it should be understood that such order isexemplary. Alternative embodiments may perform the operations in adifferent order, combine certain operations, overlap certain operations,or some combination thereof. It should be understood that unlessdisclosed otherwise, any process illustrated in any flow diagram hereinor otherwise illustrated or described herein may be performed by amachine, mechanism, and/or computing system 700 discussed herein, andmay be performed automatically (e.g., in response to one or moretriggers/conditions described herein), autonomously, semi-autonomously(e.g., based on received instructions), or a combination thereof.Furthermore, any action described herein as occurring in response to oneor more particular triggers/conditions should be understood tooptionally occur automatically response to the one or more particulartriggers/conditions.

The foregoing detailed description of the technology has been presentedfor purposes of illustration and description. It is not intended to beexhaustive or to limit the technology to the precise form disclosed.Many modifications and variations are possible in light of the aboveteaching. The described embodiments were chosen in order to best explainthe principles of the technology, its practical application, and toenable others skilled in the art to utilize the technology in variousembodiments and with various modifications as are suited to theparticular use contemplated. It is intended that the scope of thetechnology be defined by the claim.

The invention claimed is:
 1. A method of device pairing, the methodcomprising: receiving a merchant device identifier at one or morecheckout service servers from a merchant device of a merchant; sending,from a terminal device distinct from the merchant device, a terminaldevice identifier to the one or more checkout service servers based onmerchant input at the terminal device, receiving the terminal deviceidentifier at the one or more checkout service servers from the terminaldevice; receiving a notification at the one or more checkout serviceservers indicating that the terminal device has been identified to themerchant; identifying, at the one or more checkout service servers, thatthe terminal device corresponding to the terminal device identifier isauthorized to read payment card information for use in processing one ormore transactions initiated by the merchant device corresponding to themerchant device identifier; generating a pairing record at the one ormore checkout service servers in response to receipt of the notificationand identifying that the terminal device is authorized to read paymentcard information for use in processing the one or more transactionsinitiated by the merchant device, the pairing record identifying atleast the merchant device identifier and the terminal device identifier;storing the pairing record in a data structure associated with the oneor more checkout service servers; and querying the data structure toverify, based on the pairing record, that the terminal device isauthorized to read payment card information for use in processing theone or more transactions initiated by the merchant device.
 2. The methodof claim 1, wherein receiving the notification at the one or morecheckout service servers indicating that the terminal device has beenidentified to the merchant includes receiving a serial number associatedwith the terminal device from a device other than the terminal device.3. The method of claim 1, wherein receiving the notification at the oneor more checkout service servers indicating that the terminal device hasbeen identified to the merchant includes receiving a code output by theterminal device from a device other than the terminal device.
 4. Themethod of claim 1, wherein receiving the notification at the one or morecheckout service servers indicating that the terminal device has beenidentified to the merchant includes receiving a code output by a mobiledevice in response to the mobile device interacting with the terminaldevice.
 5. The method of claim 1, wherein receiving the notification atthe one or more checkout service servers indicating that the terminaldevice has been identified to the merchant includes receiving anindication that the terminal device has been selected from a list ofdevices at the merchant device.
 6. The method of claim 1, wherein themerchant input received at the terminal device includes a merchantidentifier, and wherein receiving the notification at the one or morecheckout service servers indicating that the terminal device has beenidentified to the merchant includes receiving a notification from theterminal device including the merchant identifier in response toreceiving the merchant input.
 7. The method of claim 1, the pairingrecord further identifying that a second terminal device correspondingto a second terminal device identifier is also authorized to readpayment card information for use in processing one or more transactionsinitiated by the merchant device corresponding to the merchant deviceidentifier.
 8. The method of claim 1, wherein the merchant deviceidentifier as received at the one or more checkout service servers isformatted for an application programming interface (API) of the one ormore checkout service servers.
 9. The method of claim 8, furthercomprising: generating an API key at the one or more checkout serviceservers; and providing the API key from the one or more checkout serviceservers to the merchant, wherein the merchant device identifier asreceived at the one or more checkout service servers is formatted forthe API of the one or more checkout service servers based on use of theAPI key at the merchant device.
 10. The method of claim 1, furthercomprising: receiving a request to process a transaction at the one ormore checkout service servers and from the merchant device; andrequesting payment instrument information for the transaction from theterminal device based on the terminal device identifier being identifiedin the pairing record along with the merchant device identifier.
 11. Themethod of claim 1, wherein the data structure is a database.
 12. Asystem for device pairing, the system comprising: one or morecommunication interfaces, wherein the one or more communicationinterfaces: receive a merchant device identifier from a merchant deviceof a merchant, receiving a terminal device identifier from a terminaldevice distinct from the merchant device, and receive a notificationindicating that the terminal device has been identified to the merchant;one or more memory units that store instructions; and one or moreprocessors, wherein execution of the instructions by the one or moreprocessors causes the one or more processors to: identify that theterminal device corresponding to the terminal device identifier isauthorized to read payment card information for use in processing one ormore transactions initiated by the merchant device corresponding to themerchant device identifier, generate a pairing record in response toreceipt of the notification and identifying that the terminal device isauthorized to read payment card information for use in processing theone or more transactions initiated by the merchant device, the pairingrecord identifying at least the merchant device identifier and theterminal device identifier, store the pairing record in a datastructure, and query the data structure to verify, based on the pairingrecord, that the terminal device is authorized to read payment cardinformation for use in processing the one or more transactions initiatedby the merchant device.
 13. The system of claim 12, further comprising:the terminal device, wherein the terminal device sends the terminaldevice identifier to the one or more communication interfaces based onmerchant input at the terminal device.
 14. The system of claim 13,wherein the merchant input received at the terminal device includes amerchant identifier, and wherein the notification received at the one ormore communication interfaces indicating that the terminal device hasbeen identified to the merchant includes a notification from theterminal device including the merchant identifier in response toreceiving the merchant input.
 15. The system of claim 12, wherein thenotification received at the one or more communication interfacesindicating that the terminal device has been identified to the merchantis received from a device other than the terminal device and includes aserial number associated with the terminal device.
 16. The system ofclaim 12, wherein the notification received at the one or morecommunication interfaces indicating that the terminal device has beenidentified to the merchant is received from a device other than theterminal device and includes a code output by the terminal device. 17.The system of claim 12, wherein the notification received at the one ormore communication interfaces indicating that the terminal device hasbeen identified to the merchant includes a code output by a mobiledevice in response to the mobile device interacting with the terminaldevice.
 18. The system of claim 12, wherein the merchant deviceidentifier as received at the one or more communication interfaces isformatted for an application programming interface (API) of the one ormore communication interfaces.
 19. A method of device pairing, themethod comprising: receiving a merchant device identifier at one or morecheckout service servers from a merchant device of a merchant; receivinga terminal device identifier associated with a terminal device at theone or more checkout service servers; receiving a notification at theone or more checkout service servers indicating that the terminal deviceidentifier has been identified to the merchant; identifying, at the oneor more checkout service servers, that the terminal device correspondingto the terminal device identifier is authorized to read paymentinstrument information for use in processing one or more transactionsinitiated by the merchant device corresponding to the merchant deviceidentifier; generating a pairing record at the one or more checkoutservice servers in response to receipt of the notification andidentifying that the terminal device is authorized to read payment cardinformation for use in processing the one or more transactions initiatedby the merchant device, the pairing record identifying at least themerchant device identifier and the terminal device identifier; storingthe pairing record in a data structure associated with the one or morecheckout service servers; and querying the data structure to verify,based on the pairing record, that the terminal device is authorized toread payment card information for use in processing the one or moretransactions initiated by the merchant device.
 20. The method of claim19, further comprising: receiving a request to process a transaction atthe one or more checkout service servers and from the merchant device;and requesting payment instrument information for the transaction fromthe terminal device based on the terminal device identifier beingidentified in the pairing record along with the merchant deviceidentifier.